mod_http2 v2.0.33 rpms released

mod_http2 v2.0.33 rpms released and added to all supported platforms.

Changes:

Fixes CVE-2025-53020 where a client can increase memory consumption for a HTTP/2 connection via repeated request header names, leading to denial of service.

Fixes CVE-2025-49630 where in certain proxy configurations whith mod_proxy_http2 as the backend, an assertion can be triggered by certain requests, leading to denial of service.

Leave a Reply

Your email address will not be published. Required fields are marked *